Keeping your network secure requires staying ahead of emerging threats. Recently, multiple vulnerabilities impacting the SonicWall SMA100 series have been identified, prompting swift action to ensure your devices are protected. Here's what you need to know and how Logically and SonicWall can support you in mitigating these risks.
Understanding the Vulnerabilities
The following vulnerabilities have been identified in SonicWall SMA100 series devices:- Path Traversal Vulnerability
- CVE: CVE-2024-38475
- Description: A flaw in Apache HTTP Server's mod_rewrite allows attackers to map URLs to file system locations.
- Severity: CVSS 7.5
- Heap-based Buffer Overflow
- CVE: CVE-2024-40763
- Description: Exploitable by remote authenticated attackers, potentially leading to code execution.
- Severity: CVSS 7.5
- Stack-based Buffer Overflow
- CVE: CVE-2024-45318
- Description: A vulnerability in the web management interface could lead to code execution.
- Severity: CVSS 8.1
- Certificate Authentication Bypass
- CVE: CVE-2024-45319
- Description: Circumvents certificate requirements during authentication.
- Severity: CVSS 6.3
- Insecure Randomness
- CVE: CVE-2024-53702
- Description: A cryptographically weak PRNG exposes generated secrets.
- Severity: CVSS 5.3
- Stack-based Buffer Overflow in mod_httprp
- CVE: CVE-2024-53703
- Description: Could lead to code execution.
- Severity: CVSS 8.1
SonicWall’s Response
SonicWall's Product Security Incident Response Team (PSIRT) has provided guidance for addressing these vulnerabilities. While there is no evidence of exploitation in the wild, SonicWall strongly advises all users of SMA100 series products to upgrade to the latest firmware to mitigate these risks.
Affected Devices
- SMA100 Series: SMA 200, 210, 400, 410, and 500v devices running firmware version 10.2.1.13-72sv or older.
Patched Firmware Version
- Recommended Version: SonicOS 10.2.1.14-75sv
What Logically Is Doing
At Logically, we’re taking proactive steps to help protect your environment:
- For Managed Service Customers, we are actively creating service tickets and upgrading affected devices to the latest firmware.
- For Non-Managed Customers, we can assist in upgrading devices as part of a billable engagement.
Steps to Protect Your Environment
- Identify Affected Devices
- Verify whether your devices are running the vulnerable firmware versions. Affected devices include SMA 200, 210, 400, 410, and 500v.
- Upgrade Firmware
- Download and apply the latest firmware (10.2.1.14-75sv) from SonicWall. This will require a reboot, so schedule accordingly to minimize downtime.
- Contact Support
- If you require assistance, reach out to your support provider or SonicWall’s help desk. Logically can also assist with upgrades for non-managed devices at a billable rate.
Conclusion
Security is a shared responsibility, and staying ahead of vulnerabilities is critical to safeguarding your network. By upgrading your devices promptly, you can mitigate risks and maintain a secure environment.Logically and SonicWall are here to support you through this process, ensuring your systems are patched and secure. If you have questions or need assistance, please contact us to discuss how we can help protect your network.
